Overview

overview

3

Static

static

1

d280c390ef...8.html

windows7-x64

3

d280c390ef...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 17:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d280c390efa3bddf2823b8118402e14a_JaffaCakes118.html

  • Size

    102KB

  • MD5

    d280c390efa3bddf2823b8118402e14a

  • SHA1

    d0713b3b76dd0c68f33ba874aab8c40641c08ec0

  • SHA256

    ec611d6563991d01984deb23a8d7e559253868e62e854b36161164159f4b65cd

  • SHA512

    f241ff6b57d2f27209e58a8d293b246e547bae76068680cb98d154de925a09fbf9724b574763b27f5e1641e273b5918527775c8e1df617eb9c1cc68c982fcfa4

  • SSDEEP

    1536:jk0NCE5BlWtt97N/KUNdYCNh0lgExhqtXrrHKyCiS3XjI0CfLUzbA:fCE5YtOmdYKmPyIzbA

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d280c390efa3bddf2823b8118402e14a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2328

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          77fcc5f9eefeff780fe933ac0156394d

          SHA1

          310f16aff4f6f181899545fa888c4a366a201d7c

          SHA256

          9df2a62dba3c7993849c162e42e056b5ec137d6201e1397ef2fa67b77ff00b54

          SHA512

          be3b6b6ff9662075b2fcacc30562be969663c80d3a61811e2170547caaa5db1cc389a143f580289ecf31e4cb784429afb3859561f53efeb17fefeeb11460e0ea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a825c5322b0ff91fbfa67c424218d327

          SHA1

          b4930c6539fb57d1909a0833df79ec690655348e

          SHA256

          b06f510344f4ade3ce1327c82de39afe254c1531a9025602ae60dbc5f16bbff5

          SHA512

          bedf330150c1e247914557be3bd71c663c618de6b7cf297419784d672296a63ff3d452977a315d996031c91f27e05b2035e4e12a1793d43413453c8fc7e1bce4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f7c9960a4f473e59dbde464aef31e970

          SHA1

          ed65014a5890c2aa30812cb0c2f00ebfdda14f57

          SHA256

          654440f3d326ed9307dbc9f1e01c963cb32ce4bf68d8b92eee5f08ccfc17e709

          SHA512

          e47f1ddab5dc30fb5124a3fd424b66fe30c0991aa8777b6ab71759de29cdf5444311b5447a3574e03584010eb3bf23a94df2492d30f444709508d5d64c893527

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          52ffe50b7a08a6b7aa20b668922e8c6b

          SHA1

          9791ce7a4344155d526b0f6278c85c0347fde277

          SHA256

          ba7250816978670e2dc8174fec6a896bec759d24d9923035c587f6d62bc1b50b

          SHA512

          2bcf5448fdc739a880c9f7bc51c0384656bb255b571a4c77edcf9c958f9a8e69c12c48de53c5ed0f869018dac458cbc7854406402dff4d9e3b186c314a3b87e0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          31e4430a36e2ec9440df3de89078e80f

          SHA1

          1da5e03ed433c77a50fa35988add52c3263a0ff0

          SHA256

          b84a2f3423a70082c89a35b13c0b8b566909c468d2f5fe0b647e516a3457d20a

          SHA512

          ee5f29b38249b32108526179a41f827b948af88527249ccd9900538c1752f609ac69f48ce46dcb62dd2e663d7449fb252bb41cbdf4bec34eadbb6d4443b3937e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6591429e687d14a87aa8c9c0c5a7afe0

          SHA1

          df25c9c1a72ec2512f2b91c1f9fc98c355c70aee

          SHA256

          18979a78fcc9c7698115c59450a42542ea8a3b82f3169dc172461a3fc04c2e20

          SHA512

          ccd0d8cfa0a59f40e0fbab575ae0413dfc773c79c1c933cdcac139d87532a08f105d5efb106d0633c4c699020905cd85eae4942ac977521c524b88db61cb75a2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          02876e368c8f61657c251ed35273f24f

          SHA1

          196edc477b9aecd61d6be43eb2475ef512ee2b85

          SHA256

          6c56fe63a835f2c0471e1756b6e44d674cb6aa89c75f68e875450e65b1c676fc

          SHA512

          b8cd769edf053349bf919e881e57edd3ac72129c3299061d2f1787c05daae5399abd4ec491158c99eb317301e9d557318c10e86952c15343e0c704e5d7da7f1b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          acef53724797bc63f3c010547cf1430d

          SHA1

          2ee9cb361fc12e7f3c6688a144d4f969843a62a3

          SHA256

          529bf5c2f93111dd28e28069c4ed5a3be51099d1756f4d99b50d939ed445a92a

          SHA512

          3fa022b30bf7f498068d5357a1e7f5b5ae8dbfe0204182b7f1078e75b10ab4d31908a3037089325787c46e1a89c3dbccc66f15170e299add3a603b41aa67cd3e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          32cdf41462b63269ece8df7f1c06dccd

          SHA1

          1be92cff44d0395a01cf6a762a6e631086af44a2

          SHA256

          66ee0fd5a9bbd48e2f2a46995b7b5d58f65928bdf97c5ac83dfa71940c4b6c64

          SHA512

          a3b320041259a7579fda61940c38599eb98eb3fc95b9d2a0f728279662a95d3541de7955d4cad84acb1bdb8d1326399f8015b44ffc8aa25d2eeefb3398c32bb2

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabAA84.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarAB32.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit